The Home Office has today published an independent review of how UK intelligence services dealt with information about the individuals responsible for a spate of terrorist attacks earlier this year.

The report by the ex-Independent Reviewer of Terrorism Legislation, David Anderson QC, examines what MI5 and the National Counter Terrorism Police Headquarters knew about those responsible for four attacks at Westminster Bridge, Manchester Arena, London Bridge and Finsbury Park.

In June 2017, the Home Secretary wrote to Mr Anderson QC and asked him to provide “independent assurance” of internal reviews carried out by MI5 and the National Counter Terrorism Police Headquarters, about what was known prior to the attacks about those involved, what decisions were made based on that information, and whether these assessments or decision-making processes could be improved.

The report by Mr Anderson QC published today makes clear that no serious mistakes or errors were made by the security and intelligence services in relation to the attacks, but it makes several recommendations to be considered in future cases.

The report states that there is “certainly room for improvement in analysing and sharing data”, and identifies three potential changes as being particularly important:

Improving “the ability of MI5 and the police to exploit data to detect activity of concern”: in particular, “a better strategy for acquiring, analysing and sharing data across intelligence and policing, for example through wider use of bulk personal datasets”;

“Enhancement of tools” such as a process devised by MI5 “toidentify activity of renewed intelligence interest conducted by [suspects]”, through “data exploitation and other automatic techniques”;

Allowing intelligence agencies such as MI5 to share its knowledge “beyond intelligence circles”, for example with neighbourhood policing.

We understand and support the need to have thorough and robust security and intelligence measures in place to ensure that people who seek to commit such heinous crimes are stopped before they can take any action.

However, we would caution against the use of computer programs and predictive algorithms to carry out this task. As David Anderson says himself in the report “intelligence is always imperfect”. The problems with algorithmic decision-making are well documented, especially in their use by law enforcement and in the criminal justice system, and include false positives or biased results. For further detail read our submissions to the House of Commons Science and Technology Committee enquiry on algorithms here. The security and intelligence services should make their decisions based on objective evidence, not algorithmic speculation which may result in UK citizens’ privacy rights being infringed.

The report also calls for the increased use of “bulk personal datasets”. We would strongly urge against increased use of Bulk Personal Datasets, particularly in regard to sharing them beyond intelligence agencies. It is acknowledged by the Government that these Bulk Personal Datasets hold the personal data of people who are “unlikely to be of intelligence interest”: their use by the intelligence agencies already fundamentally alters the nature of the relationship between citizen and state. This should not be extended to allow more government agencies or departments to intrude into citizens’ personal lives.

As Mr Anderson QC states in the report, “not everything can be stopped”. The UK already has an extremely intrusive surveillance regime, under the Investigatory Powers Act 2016, as well as a host of terrorism laws. The current Independent reviewer of terrorism, Max Hill QC, warned only in October 2017 that we should avoid a “kneejerk reaction” to these attacks. We should be wary of further restricting UK citizens’ civil liberties and freedoms and further intrusions into their private lives.